package com.climber.spb_shiro.config;

import org.apache.shiro.realm.text.IniRealm;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.HashMap;
import java.util.Map;

@Configuration
public class ShiroConfig {
    @Bean
    public IniRealm getIniRealm(){
        IniRealm iniRealm=new IniRealm("classpath:shiro.ini");
        return iniRealm;
    }
    @Bean
    public DefaultWebSecurityManager getDefaultWebSecurityManager(IniRealm iniRealm){
        DefaultWebSecurityManager securityManager=new DefaultWebSecurityManager();
        //securityManager要完成校验，需要realm
        securityManager.setRealm(iniRealm);
        return securityManager;
    }
    @Bean
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(DefaultWebSecurityManager defaultWebSecurityManager){
        ShiroFilterFactoryBean filter=new ShiroFilterFactoryBean();
        filter.setSecurityManager(defaultWebSecurityManager);
        //设置shiro的拦截规则
        //anon 匿名用户可访问   authc  认证用户可访问
        //user 使用RemeberMe的用户可访问  perms  对应权限可访问
        //role  对应的角色可访问
        // 这里配置路径不带server.servlet.context-path
        Map<String,String> filterMap=new HashMap<>();
        filterMap.put("/login","anon");
        filterMap.put("/error","anon");
        filterMap.put("/user/loginCheck","anon");
        filterMap.put("/**","authc");
//        filterMap.put("/**","anon");
        filter.setFilterChainDefinitionMap(filterMap);
//        loginUrl：没有登录的用户请求需要登录的页面时自动跳转到登录页面。
//
//        unauthorizedUrl：没有权限默认跳转的页面，登录的用户访问了没有被授权的资源自动跳转到的页面。
        filter.setLoginUrl("/error");
        //设置未授权页面跳转到登录页面
//        filter.setUnauthorizedUrl("error");
        return filter;
    }

}
